{"title":"基于注意编码和深度度量学习的未知网络攻击检测","authors":"Chunlan Fu, Shirong Han, Gang Shen","doi":"10.1109/TrustCom56396.2022.00047","DOIUrl":null,"url":null,"abstract":"Emerging and evolving cybersecurity threats pose significant risks to the private data and assets of government, businesses, and individuals. The timely detection of unknown network attacks is a crucial defense measure to stop cybercrimes. However, the intricate organization and elaborate disguise make the previously unknown attacks hard to pinpoint. In this paper, we propose an approach with an attention encoding and deep metric learning model for intrusion detection. To handle the class-imbalance problem in the training data, we introduced a genetic algorithm-inspired data augmentation, applying the selection-crossover model to generate additional rare-class data. Using the class centers learned by the t-SNE algorithm for the online triplets, we reduced the randomness in the loss function calculation for the Triplet network. The self-attention and channel attention help to find the correlations between the samples and strengthen the mapping power of the low-dimensional metric space. To test the proposed detection system, we used NSL-KDD datasets for evaluation. Compared with the state-of-the-art methods in other research, our system presented a better performance for detecting unknown attacks, with an accuracy of 87% for multi-class classification, improving over 2.8%.","PeriodicalId":276379,"journal":{"name":"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","volume":"302 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Detecting Unknown Network Attacks with Attention Encoding and Deep Metric Learning\",\"authors\":\"Chunlan Fu, Shirong Han, Gang Shen\",\"doi\":\"10.1109/TrustCom56396.2022.00047\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Emerging and evolving cybersecurity threats pose significant risks to the private data and assets of government, businesses, and individuals. The timely detection of unknown network attacks is a crucial defense measure to stop cybercrimes. However, the intricate organization and elaborate disguise make the previously unknown attacks hard to pinpoint. In this paper, we propose an approach with an attention encoding and deep metric learning model for intrusion detection. To handle the class-imbalance problem in the training data, we introduced a genetic algorithm-inspired data augmentation, applying the selection-crossover model to generate additional rare-class data. Using the class centers learned by the t-SNE algorithm for the online triplets, we reduced the randomness in the loss function calculation for the Triplet network. The self-attention and channel attention help to find the correlations between the samples and strengthen the mapping power of the low-dimensional metric space. To test the proposed detection system, we used NSL-KDD datasets for evaluation. Compared with the state-of-the-art methods in other research, our system presented a better performance for detecting unknown attacks, with an accuracy of 87% for multi-class classification, improving over 2.8%.\",\"PeriodicalId\":276379,\"journal\":{\"name\":\"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"volume\":\"302 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom56396.2022.00047\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom56396.2022.00047","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detecting Unknown Network Attacks with Attention Encoding and Deep Metric Learning
Emerging and evolving cybersecurity threats pose significant risks to the private data and assets of government, businesses, and individuals. The timely detection of unknown network attacks is a crucial defense measure to stop cybercrimes. However, the intricate organization and elaborate disguise make the previously unknown attacks hard to pinpoint. In this paper, we propose an approach with an attention encoding and deep metric learning model for intrusion detection. To handle the class-imbalance problem in the training data, we introduced a genetic algorithm-inspired data augmentation, applying the selection-crossover model to generate additional rare-class data. Using the class centers learned by the t-SNE algorithm for the online triplets, we reduced the randomness in the loss function calculation for the Triplet network. The self-attention and channel attention help to find the correlations between the samples and strengthen the mapping power of the low-dimensional metric space. To test the proposed detection system, we used NSL-KDD datasets for evaluation. Compared with the state-of-the-art methods in other research, our system presented a better performance for detecting unknown attacks, with an accuracy of 87% for multi-class classification, improving over 2.8%.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
